CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:P/A:C
AI Score
Confidence
High
EPSS
Percentile
77.0%
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | jboss_operations_network | 3.3.1 | cpe:2.3:a:redhat:jboss_operations_network:3.3.1:*:*:*:*:*:*:* |